Professional Documents
Culture Documents
Dedication
This book is dedicated to my dear mother, who doesnt care about internet freedom, but only her children and grandchildren, so that I have time to write. This book is also dedicated to my dear motherland China, where there is GFW which blocks internet freedom, so that I have to write something about how to unblock blocked sites.
Acknowledgements
Among all those free anti-censorship tools mentioned in this book, none is created by myself, and I just test and share them and tell people how to use them. So, thanks to the authors who develop and share those free VPN, SSH, Proxy and/or any other anti-censorship tools.
Chapter One
Free Online Proxies
Chapter Two
Free Proxy Softwares Part One: Ultrasurf Part Two: Freegate Part Three: Tor Part Four: GAppProxy Part Five: Goagent Part Six: Hyk-proxy Part Seven: Snova Part Seven Section One: The Easiest Ways To Use Snova Part Seven Section Two: How To Use Snova On GAE Part Seven Section Three: How To Use Snova On Cloud Foundry Part Seven Section Four: How To Use Snova On Heroku Part Seven Section Five: How To Use Snova On OpenShift Part Seven Section Six: How To Use Snova On Jelastic Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings
Chapter Three
Free VPN Services Part One: Free PPTP VPN Services Part Two: Free VPN Softwares Part Three: How To Build A VPN Part Three Section One: How To Build A PPTP VPN Part Three Section Two: How To Build A L2TP VPN Part Three Section Three: How To Build An OpenVPN Part Four: How To Set Up VPN
Chapter Four
Free SSH Services Part One: Free SSH Tunnels Part Two: How To Create A SSH Tunnel Part Three: How To Connect To SSH Tunnel
Chapter Five
The Differences Among Proxy, SSH And VPN
Chapter Six
How To Access Blocked Sites With Google Reader
Chapter Seven
How To Access Blocked Sites With The Hosts File
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
2 2 4 4 10 10 11 15 20 25 35 43 52 57 60 67 75 81 89 96 99 99 100 108 114 116 120 127 133 135 135 136 141 144 147 147 150 150 153 153 157
Chapter Nine
How To Check If A Site Is Blocked Part One: Check If A Site Is Blocked With Anti-censorship Tools Part Two: Check If A Site Is Blocked By Pinging It Part Three: Top 10 Websites For You To Check If A Site Is Blocked Part Four: Check If A Site Is Blocked In China With WebSitePulse
Chapter Ten
Appendix Part One: Top 10 Websites Blocked in China Part Two: Countries That Block Facebook
Subsequent
This Book Is Free
157 164 164 165 166 167 173 175 175 176 181 182 182
Preface
My Internet Freedom Declaration
Preface
My Internet Freedom Declaration
While there is no definition, someone declares five basic principles of Internet Freedom, which are Expression, Access, Openness, Innovation and Privacy. As a man living in China, I totally agree with those 5 principles and know how import internet freedom will be, since you might go to jail by a message you posted online, fail to visit Facebook, Twitter, YouTube and many other websites, get your website shut down because of one criticized post, and even find out that your private chat history were released to the police without any court document, so on and so forth.
Sounds horrible, right? But which were all happened in the Chinese internet world. Since 2007, I have fought against the GFW (great firewall) the biggest part of Internet Censorship in China, by testing free anti-censorship tools as many as possible and sharing them on my blogs, both Free Nuts and Jing Pin (in Chinese). Up till now, I have tested and introduced over 100 free anti-censorship tools, including VPN, Proxy, SSH and more, among which, some may be not available any more when you are reading this book, but luckily, there will be always some new tools, and I will keep an eye on them.
Preface
My Internet Freedom Declaration
Chapter One
Free Online Proxies
Chapter One
Free Online Proxies
The main advantage of online proxy websites (or web proxies) is that you don't need to install anything nor to make any configuration, just to look out those pop-up ads. If you can bear those ads, and want to get access to Facebook, Twitter, YouTube and/or any other websites that blocked in your area, or just want to be anonymous, then you can check out the following top 100 free online proxies:
1. Aniscartujo.com The Aniscartujo web proxy is workable for both computers and mobile phones. 2. Anonproxy.eu With Anonproxy.eu, you can encode URL/page and allow cookies.
Chapter One
Free Online Proxies
3. Btunnel.com The Btunnel.com web proxy is available for you to delete cookies, to remove scripts, and to hide referrers, but there will be a boring pop-up ad on the homepage. 4. Daveproxy.co.uk A UK web proxy which supports JavaScript well. 5. Dtunnel.com Nearly same as Btunnel.com. 6. Free-web-proxy.de This web proxy allows you to watch YouTube videos as well as to download them in MP4 files. 7. Fproxy.nl Nearly same as Anonproxy.eu. 8. Goodproxy.eu Goodproxy.eu is powered by Glype, but not available for you to visit the YouTube website. 9. Hidemyass.com The Hide My Ass web proxy is available for you to enable SSL security, to disable flash & Javascript, or to select encrypted URL obfuscation. 10. Kproxy.com Https protocol is supported and downloads are allowed by Kproxy.com. 11. Megaproxy.com/freesurf The Magaproxy free version is free of pop-up ads. 12. Peacefire.org/circumventor On the website, you will get one URL of a web proxy, if which is blocked, you can subscribe to its lists for more.
Chapter One
Free Online Proxies
13. Polysolve.com Nearly same as Btunnel.com. 14. Proxyweb.com.es The input box is between 2 large ad banners. 15. Safeforwork.net With SafeForWork.net, you can remove cookies/scripts, hide referrers and show entry form. 16. Shieldproxy.com This web proxy is very simple with just an address box in its homepage. 17. Smscut.com/onlinesonic Online Sonic will translate the languages of the target websites into French. 18. Surfagain.com Surfagain.com is available for you to watch YouTube videos. 19. Surfinweb.tk Surfinweb.tk is available for you to watch YouTube videos, too. 20. TryCatchMe.com The effect of TryCatchMe is nearly same as Daveproxy. 21. Vtunnel.com Nearly same as Btunnel.com. 22-41 Aproxy.org (20) The Aproxy.org website offers tens of links to different free online proxies, among which, the following 20 are the workable and best during my test: Dxyh.com
Chapter One
Free Online Proxies
Fubian.com Isityet.net Lovetogetby.com Ninjacloak.com Proxy-free.org Proxy4surf.info Proxypolice.com Proxyhasty.com Renewmyip.com Resellerzone.us Surfnewip.com Super-affiliate.in Theninjacloak.com Topbits.us Unblock-internet.ws Vvwa.com Vectroproxy.com Web4surf.com Web4proxy.org 42-60. Centurian.org (19) The Centurian.org website offers about 100 proxies, among which, the following 19 are the best and workable during my test: 0010site.info 00011site.info 7us.info Free-pro.info Iweb20.info Justbrowse.info Longbuluo.info Luispro.com Microxy.com Myservus.info Mywebproxy.net newsurf.info Proxy2free.net School-proxy.us Stripcomprox.info Unblockwebsite.org Usaproxies.com
Chapter One
Free Online Proxies
Vectrotunnel.com Xeronet-proxy.com 61-100. Proxymeup.com (40) There are over 50 workable web proxy tools on the proxymeup.com website, and the following 40 are the best up till now: 007007007.eu 123proxy.eu 2fastproxy.tk Aaaproxy.eu Awesomeproxy.eu Bypassme.in Crochetheart.com Devilproxy.eu Hideproxy.eu Homeproxy.com Healthycheapeating.com Iwebproxy.net Iunblock.in Myproxy2day.info Manghun.com Mydoggieneeds.com My-proxy.olympe.in Newenergytomorrow.info Newtattooonline.com Olympicproxy.net Ondrej.me Proxy000.eu Proxy007.eu Proxy-fre.com Proxytools.info Proxme.net Proxy4you.eu Proxyforfree.eu Proxy-ss.olympe.in Proxymonkey.org Proxy-best.com Rockvideo.cz Securewebproxy.net Spem.at
Chapter One
Free Online Proxies
Unblocker4u.com Usawebproxy.net Ultimateformalwear.com Websurf.in Workproxy.net Yellowproxy.net To use any of the above 100 free online proxies, you can enter the URL of a blocked site in the input box, and press the Enter key or click on the "Go" button, then you can unblock and visit the site. Among the above 100 free online proxies, some of them may be blocked in your area (such as China) when you read this e-book, but luckily, some of them will be still workable, too.
Chapter Two
Free Proxy Softwares
Chapter Two
Free Proxy Softwares
Although both are proxies, desktop softwares are different from online websites. While online proxies are full of ads, there are less or even no ads for proxy desktop softwares; while you can use online proxies directly, you need to download and install their clients before you can use those proxy softwares. If the websites of those proxy softwares are blocked in your area (such as China), it is a good idea for you to use free online proxies to visit them. Among those free proxy softwares, the following 7 are the best: 1. Ultrasurf; 2. Freegate; 3. Tor; 4. GappProxy; 5. Goagent; 6. Hyk-proxy; 7. Snova.
Chapter Two
Part One: Ultrasurf
Open the Ultrasurf.us site, and click on the "FREE DOWNLOAD" button on the right top, then you can download the Ultrasurf client as a ZIP file. In case the Ultrasurf.us site is blocked in your area (such as China), you can use some other proxies, SSH tunnels or VPN services to unblock it. 2. Run Ultrasurf
10
Chapter Two
Part One: Ultrasurf
After download, extract the ZIP file, then you can get an EXE file, open which, you can run Ultrasurf directly. In case you come across with a Windows Security Alert, such as what you can see from the following image:
11
Chapter Two
Part One: Ultrasurf
Just click on the "Allow access" button, then you can see an IE new tab of Wujie, which is the Chinese version of Ultrasurf, and you can unblock any blocked sites right away. 3. Set browser network proxy On IE, you can use the Ultrasurf proxy service directly after connection, but on Chrome, Firefox, Safari or any other browser, you also need to set the network proxy to "127.0.0.1 : 9666". Take Firefox for example, you can find the proxy settings page via the following path: Preference > Advanced > Network > Settings
Then select "Manual proxy configuration" to enter "127.0.0.1" & "9666" on the HTTP Proxy column, check the "Use this proxy server for all protocols" box, and click the "OK" button to save the change, as what you can see from the following image:
12
Chapter Two
Part One: Ultrasurf
Instead to set the network proxy settings manually as mentioned above, you can also check out SwitchySharp and FoxyProxy to set them automatically. After that, you can bypass internet censorship, encrypt online communications, and hide your IP on non-IE browsers, too.
13
Chapter Two
Part Two: Freegate
I. Download Freegate
Open the Dynaweb site and download the Freegate client software, whether in exe or zip format. In case the Dynaweb site is blocked in your area (such as China), you can use some other proxies, SSH tunnels or VPN services to unblock it first.
14
Chapter Two
Part Two: Freegate
But before you can see the control panel in the above image, you may come across the following 2 pop-up windows: 1. Freegate Proxy Control
15
Chapter Two
Part Two: Freegate
As default, the domains of ".cn", ".baidu", ".qq" and some other suffixes will be connected directly, even though you remove them or select "Choose All websites go through Freegate proxy", which means you can't visit the sites of those domains with Freegate anyway. So, you can neglect this window and just click the "OK" button to close it. 2. Windows Security Alert In case you come across with a Windows Security Alert, such as what you can see from the following image:
16
Chapter Two
Part Two: Freegate
Just click on the "Allow access" button, then you can see the proxy's Chinese site Dongtaiwang on your IE browser.
17
Chapter Two
Part Two: Freegate
Same as Ultrasurf, On IE, you can use the Freegate proxy service directly after connection, but on Chrome, Firefox, Safari or any other browser, you also need to set the network proxy to "127.0.0.1 : 8580". The above instructions are for Windows only, in fact, Freegate is also available on Mac and Linux computer operating systems, and you can refer to the FAQ page for the usages. And besides computers, Freegate also supports Android, Java and WM mobile phones, but only in Chinese.
18
Chapter Two
Part Three: Tor
On the Download page, you can choose to download the right version according to your computer systems. For Tor Browser Bundle, you can and only can use its own browser (based on Firefox) to use its proxy service; and for Vidalia Bundle, you can use your Firefox, Chrome, Safari or some other browsers by setting their network proxies. By the way, you can choose the Tor browser output language before downloading Tor Browser Bundle. 2. Run Tor
19
Chapter Two
Part Three: Tor
No matter which version you downloaded, you can extract or install the package and run the Tor service directly. For Tor Browser Bundle, you can run the "Start Tor Browser" (for Windows) or "TorBrowser" (for Mac) file, and for Vidalia Bundle, you can run the "Vidalia" file. If the onion icon turns green, then the Tor proxy is working. 3. Add bridges
20
Chapter Two
Part Three: Tor
If the onion icon doesn't turn green, then the current Tor network is blocked, and the easiest way to solve the problem is to open the Vidalia's "Network" settings page, to select "My ISP blocks connections to the Tor network", and to add some bridges. So, how to get bridges for Tor? The following are 2 ways for your choice: 3.1 Via web Visit the Bridges page, and enter the verification code, then you can get 2 bridges. 3.2 Via email You can send an email with "get bridges" subject to "bridges@torproject.org" via your Gmail, soon you will get three newest bridges.
21
Chapter Two
Part Three: Tor
By the way, there used to be a "Find Bridges Now" button for to you get bridges directly, as mentioned before, but which is gone now. 4. Set browser network proxy
For Tor Browser Bundle, you can unblock the blocked site with its own browser directly, and for Vidalia Bundle, you need to change the SOCKS proxy to "127.0.0.1 : 9050". Take Firefox for example, you can find the proxy settings page via the following path: Preference > Advanced > Network > Settings
22
Chapter Two
Part Three: Tor
And select "Manual proxy configuration" to enter "127.0.0.1" & "9050" on the SOCKS column. By the way, you'd better select SOCKS v4, since SOCKS v5 may be not workable. Between Tor Browser Bundle and Vidalia Bundle, the first one is easier and more safe, but you can only use its own browser.
23
Chapter Two
Part Four: GAppProxy
Log in your Google App Engine account and create an available application ID, such as "freenutsdotorg" used for this post.
24
Chapter Two
Part Four: GAppProxy
On the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications and sites", and generate a new application-specific password. But you can skip this step if you do not use 2-step verification for your Gmail account.
3. Download GAppProxy
On the GAppProxy Downloads page, you can download the packages according to your operating systems.
25
Chapter Two
Part Four: GAppProxy
After download, you can extract them and get the following 2 folders: uploader-2.0.0-win localproxy-2.0.0-win
On Windows, you can find the app.yaml file in the "fetchserver" directory of the "uploader-2.0.0-win" folder; and on Mac/Linux, you can find the app.yaml file in the "fetchserver-2.0.0" folder. After that, open the app.yaml file, and change the "your_application_name" to your GAE app ID created in
26
Chapter Two
Part Four: GAppProxy
step 1.
Open the "uploader-2.0.0-win" folder, double-click the "uploader.exe" file, and enter your App ID, Gmail address and password, then you are done.
27
Chapter Two
Part Four: GAppProxy
To upload the GAppProxy server on Mac/Linux, we need a third-party tool. 5.2.1 Download Google App Engine SDK for Python Download Google App Engine SDK for Python of Mac or Linux version, and install it. 5.2.2 Add new application Run GoogleAppEngineLauncher, click "New Application" in the "File" option on the top menu bar, enter your GAE app ID as "Application Name", and assign a folder as "Application Directory", or just use the default one it offers. 5.2.3 Move the server files Copy "app.yaml" and "fetch.py" files in the "fetchserver" folder and paste them into the "Application Diretory" folder. 5.2.4 Upload the server Back to GoogleAppEngineLauncher, click on the "Deploy" button, enter your Gmail address and password, then you can upload the GAppProxy server to GAE.
28
Chapter Two
Part Four: GAppProxy
Remember to replace "APP_ID" with your own GAE app ID, and if you can see the following result:
Then the GAppProxy server is uploaded successfully, if not, you can try to change "http" to "https", or to run an anti-censorship tool (such as proxy, ssh or VPN), and try again, if still not, then you need to upload the server again.
29
Chapter Two
Part Four: GAppProxy
After that, save the file. 6.1.2 Run the GAppProxy client You can double-click the "proxy.exe" file in the same folder to run the GAppProxy client.
30
Chapter Two
Part Four: GAppProxy
Open the Terminal application, and enter the following command line: python xxx/localproxy-2.0.0/proxy.py
Remember to replace "xxx" with the full path to the "localproxy-2.0.0" directory, or you can just drag the "proxy.py" file and drop it behind "python".
31
Chapter Two
Part Four: GAppProxy
When the GAppProxy client is running, you can edit the browser network settings and change the proxy address to "127.0.0.1: 8000", as what you need to do with any proxy service. By the way, since GAppProxy only supports HTTP with 80 port and HTTPS with 443 port, you can leave the SOCKS and FTP proxies empty.
Note:
Take the "freenutsdotorg" app ID for example, if you can't open the site of the following URL on your browser: http://freenutsdotorg.appspot.com/
32
Chapter Two
Part Four: GAppProxy
But you can do that after changing "http" to "https", then you need to make the same change for the "fetch_server" link in the last line of the "proxy.conf" file, such as the following: fetch-server = https://freenutsdotorg.appspot.com/fetch.py
And if you still fail to open the site after changing "http" to "https", then your app ID is blocked and you won't be able to use the GAppProxy service, in that case, you can create a new GAE app and try again.
33
Chapter Two
Part Five: Goagent
Goagent supports multiple app IDs, so that you can creat one or more new GAE applications, or use the old ones, but the "Storage Scheme" of each must be "High Replication".
34
Chapter Two
Part Five: Goagent
On the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications and sites", and generate a new application-specific password, which will be used when uploading the Goagent server to your GAE in step 4. But you can skip this step if you do not use 2-step verification for your Gmail account.
Download the Goagent package (a zip file) via the link on the top of its homepage, as what you can see from the above image. After that, extract the zip file, and you will get a "local" folder as well as a "server" folder.
35
Chapter Two
Part Five: Goagent
On Windows, open the "uploader.bat" file, enter your GAE app ID created in step 1, your Gmail address and the application-specific password, then you can start to upload. And to use more than one app ID, you can separate them with the "|" mark. 4.2 How to upload the Goagent server on Mac
36
Chapter Two
Part Five: Goagent
On mac, open the Terminal application, and enter the following command line: cd the-path-to-the-server-folder
You can also just drag the "server" folder and drop it behind the "cd" command. After that, enter the following command line: python uploader.zip
Then, you can enter your App IDs, Gmail address and the application-specific password to upload the server. By the way, do not bypass the first command line and use the "python the-path-to-uploader.zip" command directly, which may be not workable.
37
Chapter Two
Part Five: Goagent
When the upload is finished, open the "proxy.ini" file in the "local" folder, and change the "appid" value from "goagent" to your real GAE application IDs. By the way, you can also change the "profile" value from "google_cn" to "google_hk" for a better security with https mode.
38
Chapter Two
Part Five: Goagent
On Windows, you can just double-click on the "Goagent.exe" file in the "local" folder and run the proxy service. 6.2 How to run the Goagent client on Mac
On Mac, you can open the Terminal application and enter the following command line: python the-parth-to-proxy.py
39
Chapter Two
Part Five: Goagent
This time, you can drag the "proxy.py" file from the "local" folder and drop it behind the "python" command.
When the Goagent client is running, you can edit the browser network settings and change the proxy address to "127.0.0.1: 8087", as what you need to do with any proxy service. After that, you can start to use Goagent to browse the internet anonymously and unblock the blocked sites in your area. But, same as GAppProxy and Hyk-proxy, the Goagent proxy doesn't support https well, even though that you can double-click the "CA.crt" file in the "local" folder to install or import the certification, which will only
40
Chapter Two
Part Five: Goagent
work on Safari, but not Chrome or Firefox during my test for Twitter and Facebook. By the way, besides Windows and Mac systems mentioned above, Goagent is also available for Linux, as well as Android, iOS, webOS, OpenWRT and Maemo operating systems.
41
Chapter Two
Part Six: Hyk-proxy
42
Chapter Two
Part Six: Hyk-proxy
On the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications and sites", and generate a new application-specific password. But you can skip this step if you do not use 2-step verification for your Gmail account.
If you haven't gotten these two softwares on hand as mentioned before, you can download Java on its official website, and download Google App Engine SDK for Java from Google Code. By the way, on Mac, you only need to download and extract the Google App Engine SDK for Java package, since Java is pre-installed.
43
Chapter Two
Part Six: Hyk-proxy
Among the 4 packages on the Hyk-proxy Downloads webpage, you can just download "hyk-proxy-0.9.4.1.zip" and "hyk-proxy-gae-server-0.9.4.1.zip". By the way, on Windows, you can also download "hyk-proxy-install_0.9.4.1.exe" instead of "hyk-proxy-0.9.4.1.zip"; and you need to download the "hyk-proxy-android-0.9.4beta.apk" package if you want to use Hyk-proxy on your Android. After that, extract the zip files you download.
5. Deploy task
To deploy task means to upload the Hyk-proxy server to your GAE application. On Windows, you can run the "install.bat" file in the "hyk-proxy-gae-server-0.9.4.1" folder; and on Mac/Linux, you can open the Terminal application and enter the following command line: sh /the-path-to/install.sh
Or you can just drag the "install.sh" file from the "hyk-proxy-gae-server-0.9.4.1" folder and drop it behind the "sh" command. After that, you can see an "AppEngine AppCfg GUI Wrapper" window, such as the following:
44
Chapter Two
Part Six: Hyk-proxy
In the window, you can define the location of the "Google App Engine SDK for Java" folder, enter your GAE app ID, select the "hyk-proxy-gae-server-0.9.4.1" folder as AppLocation, enter your Gmail address and password, then you can click the "Deploy" button to upload the Hyk-proxy server to your GAE. P.S. By the way, if you fail to deploy the task for the following error: Bad configuration: appengine-web.xml does not contain a <threadsafe> element.
45
Chapter Two
Part Six: Hyk-proxy
Then you need to enter the following line into the "appengine-web.xml" file: <threadsafe>true</threadsafe>
46
Chapter Two
Part Six: Hyk-proxy
Or you can just drag the "startgui.sh" file from the "hyk-proxy-0.9.4.1" folder and drop it behind the "sh" command. After that, you can open the Hyk-proxy client window, click on the "Config" button of "GAE 0.9.4.1" in the "Plugins" tab, and click the "New" button to add your APP ID, such as what you can see from the following image:
And you can add more than one App ID, after that, click the "Apply" button.
7. Start Hyk-proxy
47
Chapter Two
Part Six: Hyk-proxy
When the App IDs are added, you can click the "Start" button to connect to the Hyk-proxy service.
48
Chapter Two
Part Six: Hyk-proxy
The above screenshot is for Firefox, and for other browsers, the http proxy settings may be a little different. That's all, and you can surf the internet anonymously and get access to the blocked sites.
Bonus:
Hyk-proxy will not work when your GAE application ID is blocked, in that case, you can connect Hyk-proxy with XMPP.
49
Chapter Two
Part Six: Hyk-proxy
To do so, you can open the "Connection" tab of the GAE plugin "Config" window, select "XMPP" as the connection mode and add your XMPP account (such as GTalk). Besides, you can also connect Hyk-proxy with HTTPS mode or HTTP proxy, but XMPP is the fastest and best.
50
Chapter Two
Part Seven: Snova
As default, Snova can automatically connect to some random GAE apps shared by others, so that you can just download the Snova client and run it. 2. To use Snova on your own GAE app
51
Chapter Two
Part Seven: Snova
Instead to use others' apps, you can also create your own ones, and upload the Snova server to them to run the proxy service. Again, none of the above 2 ways are available for you to visit HTTPS links, and to do so, you need install the C4 plugins on any of the following 4 PaaS platforms: 3. To use Snova on Cloud Foundry
52
Chapter Two
Part Seven: Snova
Cloud Foundry is available for you to run the Snova c4 plugin in an instance with 4-core CPU, 2 G disk, and 512M memory, no bandwidth limit. 4. To use Snova on Heroku
53
Chapter Two
Part Seven: Snova
OpenShift is available for you to create up to 3 apps, and each of which will run in an instance of 1GB disk and 512MB memory. 6. To use Snova on Jelastic
54
Chapter Two
Part Seven: Snova
With Jelastic, you can choose to build your C4 plugin on Servint, Dogado, Rusonyx or some other hosted service provider, and deploy the c4 plugin on its website directly without entering any command lines. For the C4 plugins, you need to use the "snova-c4-heroku-server-xxx.zip" file on Heroku, and use the "snova-c4-server-xxx.zip" file on the other 3 PaaS platforms. By the way, besides to use Snova on GAE, Cloud Foundry, Heroku, OpenShift or Jelastic separately, you can also use on one, more or even all of them together, as well as to use multiple apps on each of them.
55
Chapter Two
Part Seven Section One: The Easiest Ways To Use Snova
On the Hyk-proxy Downloads page, you can download "hyk-proxy-0.9.4.1.zip" or "hyk-proxy-install_0.9.4.1.exe" (for Windows only), and extract or install to use the proxy service on Windows and/or Mac. 1.1 On Windows On Windows, you can double-click the "startgui.bat" file in the "bin" directory of the extracted folder "hyk-proxy-0.9.4.1", or run "Start hyk-proxy (GUI)" if you have installed "hyk-proxy-install_0.9.4.1.exe". 1.2 On Mac On Mac, you can open the Terminal application and enter the following command line:
56
Chapter Two
Part Seven Section One: The Easiest Ways To Use Snova
sh /the-path-to/startgui.sh
Or you can just drag the "startgui.sh" file from the "hyk-proxy-0.9.4.1" and drop it behind the "sh" command. Whichever way you are using, you can open the Hyk-proxy client, click on the "Start" button, and run the proxy service.
Which will be nearly same as what you do with Hyk-proxy. On the Snova Downloads webpage, you can just download and extract "snova-xxx.zip" to use the proxy service on Windows and/or Mac. 2.1 On Windows On Windows, you can double-click the "startgui.bat" file in the "bin" directory of the "snova-xxx" folder. 2.2 On Mac
57
Chapter Two
Part Seven Section One: The Easiest Ways To Use Snova
On Mac, you can open the Terminal application and enter the following command line: sh /the-path-to/startgui.sh
Or you can just drag the "startgui.sh" file from the "snova-xxx" folder and drop it behind the "sh" command. Whichever way you are using, you can open the Snova client, click on the "Start" button, and run the proxy service. By the way, the above direct ways are not available for GAppProxy or Goagent, since the GAppProxy's default GAE app "fetchserver1" is over its serving quota, and Goagent does not offer a default GAE app at all.
58
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
59
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
On the "Security" page of your "Google Accounts", click the "Edit" button of "Authorizing applications and sites", and generate a new application-specific password. But you can skip this step if you do not use 2-step verification for your Gmail account.
If you haven't gotten these two softwares on hand as mentioned before, you can download Java on its official website, and download Google App Engine SDK for Java from Google Code. By the way, on Mac, you only need to download and extract the Google App Engine SDK for Java package, since Java is pre-installed. What is more, besides Java, Snova also supports the Go language, so that you can download Go and Google App Engine SDK for Go instead.
60
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
Among the 7 packages on the Snova Downloads webpage, you can just download "snova-xxx.zip" and "snova-gae-jserver-xx.zip" for Java. After that, extract the zip files you download.
5. Deploy task
Like Hyk-proxy, on Windows, you can run the "install.bat" file in the "snova-gae-jserver-xx" folder; and on Mac/Linux, you can open the Terminal application and enter the following command line: sh /the-path-to/install.sh
Or you can just drag the "install.sh" file from the "snova-gae-jserver-xx" folder and drop it behind the "sh" command. After that, you can see an "AppEngine AppCfg GUI Wrapper" window, such as the following:
61
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
In the window, you can define the location of the "Google App Engine SDK for Java" folder, enter your GAE app ID, select the "snova-gae-jserver-xx" folder as AppLocation, enter your Gmail address and password, then you can click the "Deploy" button to upload the Snova server to your GAE.
62
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
Or you can just drag the "startgui.sh" file from the "snova-xxx" folder and drop it behind the "sh" command. After that, you can open the snova client window, click on the "Config" button of "GAE xxx" in the "Plugins" tab, and click the "New" button to add your APP ID, such as what you can see from the following image:
And you can add more than one App ID, after that, click the "Apply" button.
7. Start Snova
63
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
When the App IDs are added, you can click the "Start" button to connect to the Snova server.
64
Chapter Two
Part Seven Section Two: How To Use Snova On GAE
The above screenshot is for Firefox, and for other browsers, the http proxy settings may be a little different. That's all, and you can surf the internet anonymously and get access to the blocked sites. But same as Hyk-proxy, Snova running on GAE still does NOT work for HTTPS links, until you run it on CloudFoundry, Heroku, OpenShift and/or some other PaaS platforms, which will be introduced later, stay tuned.
65
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
On the Cloud Foundry signup page, enter your email address to request a invite, which will be sent to your Inbox with login username and password soon.
2. Install vmc
66
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
Vmc is the command-line interface based on Ruby and RubyGems for you to configure your applications and deploying them to Cloud Foundry. For Windows, Ubuntu, Debian or some other systems, you can check out the official instructions, the following will show you how to install vmc on Mac. Open the Terminal application, enter the following command line: sudo gem install vmc
And enter your Mac password if necessary, then you can install vmc. By the way, the installation will take a few minutes and you won't see anything until the gem is installed.
3. Download snova-c4-server-xxx.war
67
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
On the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file and put it into a new empty folder, such as "snova-c4-server" used for the following step.
68
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
Open the Terminal application, enter the following command line: cd /the-parth-to/snova-c4-server
You can also just drag the "snova-c4-server" folder and drop it behind the "cd" command. After that, you can start to configure and deploy the Snova c4 server to Cloud Foundry by entering the following command lines one by one: vmc target api.cloudfoundry.com vmc login (To enter your Cloud Foundry username and password) vmc push free-nuts (To replace free-nuts with any name you like for the Cloud Foundry app) Would you like to deploy from the current directory? [Yn]: (To enter y)
69
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
Detected a Java Web Application, is this correct? [Yn]: (To enter y) Application Deployed URL [free-nuts.cloudfoundry.com]: (To press the RETURN key) Memory reservation (128M, 256M, 512M, 1G, 2G) [512M]: (To press the RETURN key) How many instances? [1]: (To press the RETURN key) Create services to bind to 'free-nuts'? [yN]: ( To enter n) Would you like to save this configuration? [yN]: (To enter y) If all the results are OK, you can visit the page of the following link: free-nuts.cloudfoundry.com
And if you can see something like the following: Welcome to snova-c4 server xxx!
Then you have successfully deployed the Snova server to Cloud Foundry.
70
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
Find and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.conf
And uncomment the "WorkerNode [1]" line by changing "xyz" to your Cloud Foundry app name.
6. Configure snova.conf
71
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
Find and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.conf
7. Start Snova
72
Chapter Two
Part Seven Section Three: How To Use Snova On Cloud Foundry
After that, you can start Snova, and if you can see the following message: Start plugin:C4 Success
73
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
On this Heroku page, enter your email address and sign up an account.
74
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
After signup, you can receive an email, click the long confirmation link inside, download the Heroku Toolbelt app and install it on your computer.
3. Download snova-c4-heroku-server-xxx.zip
On the Snova Downloads webpage, download the "snova-c4-heroku-server-xxx.zip" file and extract it.
75
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
Open the Terminal application, enter the following command line: cd /the-parth-to/snova-c4-heroku-server-xxx
You can also just drag the "snova-c4-heroku-server-xxx" folder and drop it behind the "cd" command. After that, you can start to configure and deploy the Snova c4 server to Heroku by entering the following command lines one by one: heroku login (To enter your Heroku account email and password) git init git add . git commit -m "init" heroku create --stack cedar git push heroku master At the end of the results, you can find a random URL like the following: http://obscure-tundra-1542.herokuapp.com/
76
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
Visit the page of the URL, and if you can see something like the following: Welcome to snova-c4 server xxx!
Find and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.conf
And uncomment the first "WorkerNode [0]" line by changing "xyz" to what you get in Step 4 (such as "obscure-tundra-1542").
77
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
6. Configure snova.conf
Find and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.conf
7. Start Snova
78
Chapter Two
Part Seven Section Four: How To Use Snova On Heroku
After that, you can start Snova, and if you can see the following message: Start plugin:C4 Success
79
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
On the signup page of OpenShift, you can enter your email address, password and the CAPTCHA code to create an account.
2. Download snova-c4-server-xxx.war
80
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
On the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file and put it into a new empty folder, such as "openshift" used for the following steps.
3. Install rhc
On Mac, you can install rhc with the following command line: sudo gem install rhc
On Windows and Linux, you can check out the official page for the instructions.
81
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
On the Terminal application, you can enter the openshift folder with the command line: cd /the-parth-to/openshift
Or you can just drag the "openshift" folder and drop it behind the "cd" command. After that, you can start to configure and deploy the Snova c4 server to OpenShift by entering the following command lines one by one: Command line 1: rhc domain create -n freenutsdot -l xxx@gmail.com -p 123456
(To create a sub domain "freenutsdot.rhcloud.com" for your OpenShift account. Remember to change "freenutsdot" to any name you like, to change "xxx@gmail.com" to your registered email address and to change "123456" to your OpenShift password. ) Command line 2:
82
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
(To create an app, which name will be used before the domain created above. Remember to change "fn" to any name you like, and to change "123456" to your OpenShift password, then you can get a folder with the same name of the app (such as "fn") in your current directory (such as "openshift"). Command line 3: cd fn
(To conduct commands in the app folder created above.) Command line 4: mv ../snova-c4-server-xxx.war deployments/ROOT.war
(To move the "snova-c4-server-xxx.war" file into the "deployments" directory of the "fn" folder and rename it to "ROOT.war".) Command line 5: git rm -r src pom.xml
(To delete the src folder and the pom.xml file.) Command line 6: git init
83
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
(To add the ROOT.war mode.) Command line 8: git commit -a -m "haha"
(To confirm and see the changes, you can replace "haha" with any message you like.) Command line 9: git push
(To upload the ROOT.war file to your OpenShift app.) If no error appears, you can visit the page of the following URL: http://fn-freenutsdot.rhcloud.com/
Remember to replace "fn-freenutsdot" with your app name and sub domain. And if you can see something like the following: Welcom to snova-c4 server xxx!
84
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
(Welcom is a typo, which should be Welcome.) Then you have successfully deployed the Snova server to OpenShift.
Supposing that you have installed Snova on GAE as mentioned before, then you can find and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.conf
85
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
And enter your OpenShift app domain (such as "fn-freenutsdot.rhcloud.com") at the end line of "WorkerNode [0]". By the way, Snova supports multiple c4 plugins together, so that you can also add the domains of your Cloud Foundry and/or Heroku apps in the same "c4-client.conf" file, just make sure the numbers behind "WorkerNode" are different from each other.
6. Configure snova.conf
Find and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.conf
And change the "ProxyService" value from "GAE" to "C4". By the way, you can skip this step if you have ever done this before.
7. Start Snova
86
Chapter Two
Part Seven Section Five: How To Use Snova On OpenShift
After that, you can start Snova, and if you can see the following message: Start plugin:C4 Success
Then you can visit the HTTPS links normally, as what you can do with the Cloud Foundry or Heroku plugins.
87
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
1. Download snova-c4-server-xxx.war
On the Snova Downloads webpage, download the "snova-c4-server-xxx.war" file, and you can skip this step if which you have done before.
88
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
On the Jelastic homepage, enter your email address to sign up an account, which login username and password will be emailed to you soon.
89
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
After login, you can see an "Environment topology" window, on which, you can enter an "Environment name" (such as "freenuts"), which will generate you one Jelastic app domain (such as "freenuts.jelastic.servint.net"), and then click the "Create" button.
4. Upload snova-c4-server-xxx.war
Click the "Upload" button, and browse to upload the "snova-c4-server-xxx.war" file you downloaded. By the way, you can enter anything into the "Comment" box if you like.
90
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
Moving the cursor over the name of the uploaded "snova-c4-server-xxx.war" file, you can see a yellow icon, clicking on which, you can see the Environment name, clicking on which, you can see a pop-up window, and clicking on its "Deploy" button directly without changing anything, then you can deploy the C4 plugin to Jelastic.
91
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
Supposing that you have installed Snova on GAE as mentioned before, then you can find and open the "c4-client.conf" file via the following path: .../snova-xxx/plugins/c4/conf/c4-client.conf
And enter your Jelastic app domain (such as "freenuts.jelastic.servint.net") at the end line of "WorkerNode [0]". By the way, Snova supports multiple c4 plugins together, so that you can also add the domains of your Cloud Foundry, Heroku, and/or OpenShift apps in the same "c4-client.conf" file, just make sure the numbers behind "WorkerNode" are different from each other.
92
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
7. Configure snova.conf
Find and open the "snova.conf" file via the following path: .../snova-xxx/conf/snova.conf
And change the "ProxyService" value from "GAE" to "C4". By the way, you can skip this step if you have ever done this before.
8. Start Snova
93
Chapter Two
Part Seven Section Six: How To Use Snova On Jelastic
After that, you can start Snova, and if you can see the following message: Start plugin:C4 Success
Then you can visit the HTTPS links normally, as what you can do with the Cloud Foundry, Heroku and/or OpenShift plugins.
94
Chapter Two
Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings
Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings
Whether Freegate, Tor, Snova or any other proxy clients or SSH tunnels, you need to change the network proxy settings before you can use them to unblock those blocked sites. Although their proxy addresses are same (127.0.0.1), their ports are usually different, for example, Freegate is 8580, Tor is 9050, Snova is 48100, etc., instead to change the port value manually every time when transferring one proxy to another, you can use the following 2 free extensions to do that automatically.
1. SwitchySharp
SwitchySharp (or Proxy SwitchySharp) is a Chrome extension. After installation, you can see a new tab of SwitchySharp Options, on which, you can enter a proxy's name as the Profile Name, and set the Manual Configuration. For FreeGate, GappProxy, Goagent, Hyk-proxy, Snova or UltraSurf, you can enter 127.0.0.1 together with its port in the HTTP Proxy column and check the "Use the same proxy server for all protocols" box; for Tor or SSH, you can just enter 127.0.0.1 together with port 9050 or 7070 in the SOCKS Hosts (SOCKS v4) column.
95
Chapter Two
Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings
After that, click the "Save" button, then, you can click on the SwitchySharp icon in the Toolbar, and select the Profile Name to use the proxy service. Bonus: To find an alternative Chrome extension, you can check out Proxy Switchy, which is nearly same as SwitchySharp, but not so popular.
2. FoxyProxy Standard
FoxyProxy Standard is a Firefox extension. After installation, you can see the extension icon in both Navigation Toolbar and Add-on Bar, click on which, you can start to add proxy configuration by clicking on the "Add New Proxy" button in the settings window. For FreeGate, GappProxy, Goagent, Hyk-proxy, Snova or UltraSurf, you can enter 127.0.0.1 together with its port in the Host or IP Address column of the Proxy Details tab. And for Tor or SSH tunnel, you also need to check the "SOCKS proxy?" box as well as the "SOCKS v4/4a" box. For better experience, you can enter the proxy service's name as Proxy Name in the General tab if you like. After that, click the "OK" button, then you will see a new pop-up with the following message:
96
Chapter Two
Part Eight: Best 2 Extensions For You To Manage Network Proxy Settings
You didn't enter and enable any whitelisted (inclusive) URL patterns. This means the proxy won't be used unless FoxyProxy is set to "Use Proxy tor for all URLs". Continue anyway?
Just click on the "OK" button, then you can select the proxy name from the "Select Mode" column in the top of the settings window and use its proxy service. Bonus: AutoProxy is also a free Firefox add-on like FoxyProxy Standard. By the way, whichever extension you are using, you can add some rules to or not to visit some sites via proxy if you like, and then FoxyProxy Standard won't ask you if to "Continue anyway?" any more.
97
Chapter Three
Free VPN Services
Chapter Three
Free VPN Services
While proxy can be taken as a carrier, who helps delivery your message to another person, VPN (Virtual Private Network) will be like the person's office staff, who also helps you delivery your message to that person. While proxy only works for the application you assign to, and basically the browsers only, VPN will works for your entire device, whether browsers, email clients, app stores or any other application that connects to the internet. While you need to set the browser HTTP proxy addresses to use a proxy service, you don't need to do that with VPN services. So, generally speaking, VPN is safer than Proxy. Image Credit: http://en.wikipedia.org/wiki/Virtual_private_network
98
Chapter Three
Part One: Free PPTP VPN Services
On any download page of the SecurityKISS website, you can enter your email address and get 2 PPTP/L2TP VPN accounts in your Inbox, one is from USA, the other is from UK. Besides, you can also sign in your SecurityKISS account with the username and password received to get
99
Chapter Three
Part One: Free PPTP VPN Services
more VPN servers from USA, UK, France and/or some other countries. And besides PPTP/L2TP, SecurityKISS also offers free OpenVPN services for Windows, Mac/Linux systems. By the way, no matter which or how many VPN services you are using, the free traffic data is up to 300 MB per day. 2. Super Free VPN
Open the Super Free VPN website, you can see the account, which server and username are fixed, while password will be changed in up to 8 hours. By the way, in case the "superfreevpn.com" domain is blocked in your area (such as China), you can change it to the following IP address: 69.60.121.29
3. JustFreeVPN
100
Chapter Three
Part One: Free PPTP VPN Services
Open the JustFreeVPN website, you can see 3 free PPTP VPN accounts, one is from USA, one is from UK, and one is from CA. For different accounts, their servers are different, usernames are all "justfreevpn", and passwords will be changed in uncertain times. 4. UFreeVPN
101
Chapter Three
Part One: Free PPTP VPN Services
The UFreeVPN website offers one USA, one UK and one CA free PPTP VPN services, which servers are different, but usernames and passwords are fixed, so that you do not need to change passwords often. 5. NewFreeVPN
102
Chapter Three
Part One: Free PPTP VPN Services
On 3 different pages of the NewFreeVPN website, you can find out 3 different free PPTP VPN accounts, one is from US, one is from UK, and one is from Canada, the servers of them are different, but the username (free) and password (1234) are same. 6. Tsunagarumon
Tsunagarumon is a Japanese free PPTP VPN. On the Entry page, enter your email address, check to agree the service terms, click on the red button, double-check your email address, and click on the next red button, then you can get an email from Tsunagarumon. Clicking on the link in the email, you can receive your free PPTP VPN account soon. 7. FreeCanadaVPN
103
Chapter Three
Part One: Free PPTP VPN Services
FreeCanadaVPN is a Canada PPTP VPN, which server is "freecanadavpn.com", username is "free", and password will be changed and displayed on the right top of the page irregularly. 8. BestUKVPN
As the name, BestUKVPN is a UK PPTP VPN, which server is "bestukvpn.com", username is "free" and
104
Chapter Three
Part One: Free PPTP VPN Services
As a Romania free PPTP VPN, Zace Book's server is "vpn.zacebook.com", username is "VPN", and password will be updated every one or two days. 10. VPN Book
105
Chapter Three
Part One: Free PPTP VPN Services
VPN Book is also a Romania VPN, which PPTP server is "pptp.vpnbook.com", username is "pptp", and password will be changed every one or two days. Besides PPTP, VPN Book also offers free OpenVPN services. Among the above 10 free PPTP VPN services, SecurityKISS is the best, but only with 300 MB traffic per day. Bonus: Like Super Free VPN mentioned before, if the server host name of any other free PPTP VPN is blocked in your area, you can ping and change it to the server's IP address.
106
Chapter Three
Part Two: Free VPN Softwares
1. SecurityKiss
The VPN software SecurityKiss works for Windows only, but brings you 300MB of data transfer per day for free. No registration is required, you can just download and install the SecurityKiss software, then run and connect it. If the connection fails, you can try to select another VPN server.
2. ProXPN
107
Chapter Three
Part Two: Free VPN Softwares
The VPN software ProXPN is workable for Windows and Mac computers. Create a ProXPN account, download, install and run the software, then you can connect the VPN service with your username and password, but there will be a ProXPN landing page before you can visit the site you intend to.
3. Private Tunnel
108
Chapter Three
Part Two: Free VPN Softwares
Private Tunnel is a OpenVPN service, workable on Windows and Mac. You can create an account, download the OpenVPN Connect package, choose to connect the San Jose, CA (US), London (UK) or Zurich (CH) server, then you can use the Private Tunnel service, but only 100 MB free traffic.
4. Hotspot Shield
109
Chapter Three
Part Two: Free VPN Softwares
With English, French, Chinese and some other languages support, Hotspot Shield offers a free VPN solution with unlimited bandwidth for Windows and Mac. Just download and install the software, then you can run and connect the VPN service, but there will be ads on the top of the webpages you visit.
5. ExpatShield
110
Chapter Three
Part Two: Free VPN Softwares
Like Hotspot Shield, ExpatShield is also a free VPN software offers unlimited bandwidth with ads and supports multiple languages. But ExpatShield is only workable for Windows computer system.
6. Cloak VPN
111
Chapter Three
Part Two: Free VPN Softwares
Cloak VPN supports Mac, iPhone and iPad. After registration, download the right Cloak VPN clients according to your device operating systems, then you can connect and use the VPN service directly. By the way, you can use the Cloak VPN services on both of your OS and iOS devices with up to 1G traffic and 2 hours EVERY month as a free user. Among the above 6 free VPN softwares, I prefer to use SecurityKiss and ProXPN, how about you? Which ones are your favorite?
112
Chapter Three
Part Three: How To Build A VPN
The following will show you how to build a PPTP, L2TP and OpenVPN on a VPS based on the Mac Terminal application in 3 separate posts. First of all, run your Terminal, and enter the following command: ssh root@xxx.xxx.xxx.xxx Just replace "xxx.xxx.xxx.xxx" with your VPS' IP, such as "178.18.17.212". Then you will see the following message: Are you sure you want to continue connecting (yes/no)? Enter "yes" and press the "Return" key, then, enter your password and press the "Return" key. P.S.: If you've rebuilt your VPS, you may meet the following error: Host key verification failed. In that case, enter the following command at first:
113
Chapter Three
Part Three: How To Build A VPN
ssh-keygen -R xxx.xxx.xxx.xxx Remember to replace "xxx.xxx.xxx.xxx" with your VPS' IP address. After that, you can start to build your own VPN.
114
Chapter Three
Part Three Section One: How To Build A PPTP VPN
After connecting to your server via SSH, you can build your own PPTP VPN with the following 8 steps: 1. Install PPTPD Install the PPTPD package with the following command: apt-get install pptpd
2. Edit the VPN interface IP addresses Open the pptpd.conf file with the following code: nano /etc/pptpd.conf
Press the Enter key, find and uncomment the following 2 lines:
115
Chapter Three
Part Three Section One: How To Build A PPTP VPN
And change them to the following ones: ms-dns 8.8.8.8 ms-dns 8.8.4.4
116
Chapter Three
Part Three Section One: How To Build A PPTP VPN
Press the Return key, find and uncomment the following line: #net.ipv4.ip_forward=1
6. Apply the forward Your forward change won't be active immediately, and you need to apply it with the following commend: sysctl -p
If everything is correct, then you can see the following result: net.ipv4.ip_forward = 1
117
Chapter Three
Part Three Section One: How To Build A PPTP VPN
7. Allow the routing Copy and paste the following command: iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
Press the Return key to run the command. 8. Restart PPTPD Copy and paste the following command: /etc/init.d/pptpd restart
Press the Return key, then you can use your PPTP VPN with the username and password you've set before.
118
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
To build an L2TP/IPSec VPN, you can follow the following 6 steps: 1. Install OpenSwan Enter the following command lines one by one: aptitude install build-essential
wget http://www.openswan.org/download/openswan-2.6.35.tar.gz
119
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
cd openswan-2.6.35
make programs
make install
Remember to press the "Return" key when entering any one of the above lines. By the way, 2.6.35 is the latest version during my test, and you can check the OpenSwan website to see if there is a new version later, if yes, you can use it instead. 2. Edit IPSec Firstly, open the ipsec.conf file with the following command: vi /etc/ipsec.conf
Delete all the existing contents, and paste the following ones: version 2.0 config setup nat_traversal=yes virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0 /12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10 oe=off protostack=netkey conn %default
120
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
forceencaps=yes conn L2TP-PSK-NAT rightsubnet=vhost:%priv also=L2TP-PSK-noNAT conn L2TP-PSK-noNAT authby=secret pfs=no auto=add keyingtries=3 rekey=no ikelifetime=8h keylife=1h type=transport left=YOUR.VPS.IP.ADDRESS leftprotoport=17/1701 right=%any rightprotoport=17/%any
Remember to change YOUR.VPS.IP.ADDRESS to your VPS IP address, such as 178.18.17.30 for this tutorial. Secondly, open the ipsec.secrets file with the following code: vi /etc/ipsec.secrets
121
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
Thirdly, enter the following command lines one by one: for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects done
Remember to press the "Return" key after every command line. Fourthly, restart IPSEC with the following command: service ipsec restart
3. Install L2TP Go back to the root directory, and install the L2TP package with the following command line: aptitude install xl2tpd
After installation, open the conf file with the following code: vi /etc/xl2tpd/xl2tpd.conf
Delete all the existing content and paste the following one: [global]
122
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
; listen-addr = 192.168.1.98 [lns default] ip range = 10.1.1.2-10.1.1.255 local ip = 10.1.1.1 require chap = yes refuse pap = yes require authentication = yes name = LinuxVPNserver ppp debug = yes pppoptfile = /etc/ppp/options.xl2tpd length bit = yes
Then insert the following codes: require-mschap-v2 ms-dns 8.8.8.8 ms-dns 8.8.4.4 asyncmap 0 auth crtscts lock hide-password modem debug name l2tpd proxyarp lcp-echo-interval 30 lcp-echo-failure 4
123
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
Press the "Return" key, find the line of "#net.ipv4.ip_forward=1" and uncomment it. After that, enter the following command:
124
Chapter Three
Part Three Section Two: How To Build A L2TP VPN
sysctl -p
Press the "Return" key, then you will only see "net.ipv4.ip_forward=1" as the result if everything is right. After that, enter the following command: iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE
6. For reboot Now, you can connect your L2TP/IPSec VPN, but if you reboot your VPS, your forwarding settings will be gone, to avoid this, you can enter the following command: vi /etc/rc.local
Press the "Return" key and paste the following contents before the "exit 0" line: for each in /proc/sys/net/ipv4/conf/* do echo 0 > $each/accept_redirects echo 0 > $each/send_redirects done iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -o eth0 -j MASQUERADE /etc/init.d/ipsec restart
125
Chapter Three
Part Three Section Three: How To Build An OpenVPN
It is also easy to build an OpenVPN with the following 9 steps: 1. Install OpenVPN Enter the following command to install OpenVPN: apt-get install openvpn
2. Move easy-rsa into the correct place Enter the following command: cp -R /usr/share/doc/openvpn/examples/easy-rsa /etc/openvpn
126
Chapter Three
Part Three Section Three: How To Build An OpenVPN
Press the "Return" key, then you can move the easy-rsa folder to the OpenVPN directory. 3. Generate keys Enter the following commands one by one: cd /etc/openvpn/easy-rsa/2.0 . ./vars ./clean-all ./build-ca ./build-key-server server ./build-key client ./build-dh
Remember to press the "Return" key at each line, and answer "yes" to all "yes/no" questions: 4. Apply iptables rules Enter the following command: vi /etc/sysctl.conf
Press the "Return" key, find the line of "#net.ipv4.ip_forward=1" and uncomment it. After that, enter the following code: sysctl -p
127
Chapter Three
Part Three Section Three: How To Build An OpenVPN
Then create iptables rules with the following command: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 178.18.17.142
Remember to replace "178.18.17.142" with the actual IP address of your server. 5. Create the VPS OpenVPN configuration file Enter the following command: # vi /etc/openvpn/server.conf
And paste the following contents: port 1194 proto udp dev tun ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt cert /etc/openvpn/easy-rsa/2.0/keys/server.crt key /etc/openvpn/easy-rsa/2.0/keys/server.key dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist ipp.txt push "redirect-gateway def1 bypass-dhcp" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" client-to-client duplicate-cn keepalive 10 120
128
Chapter Three
Part Three Section Three: How To Build An OpenVPN
comp-lzo user nobody group nogroup persist-key persist-tun status openvpn-status.log log /var/log/openvpn.log verb 3
6. Start OpenVPN You can start OpenVPN with the following command: # /etc/init.d/openvpn start
7. Create the PC OpenVPN configuration file Enter the following command: vi /etc/openvpn/easy-rsa/2.0/keys/client.conf
And insert the following contents: client dev tun proto udp remote 178.18.17.142 1194 resolv-retry infinite nobind persist-key persist-tun ca ca.crt cert client.crt
129
Chapter Three
Part Three Section Three: How To Build An OpenVPN
Remember to replace "178.18.17.142" with your own VPS' IP address. 8. For reboot In order to redo the above iptables settings when you reboot your VPS, you can enter the following command: vi /etc/rc.local
And insert the following contents above the line of "exit 0" : iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to 178.18.17.142 openvpn /etc/openvpn/server.conf
Remember to replace "178.18.17.142" with the actual IP address of your VPS. 9. Download some things to your PC You need to download the following 4 files to your local PC: client.conf ca.crt client.crt client.key To do so, you can use Fetch (for Mac), WinSCP (for Windows) or some other SFTP software.
130
Chapter Three
Part Three Section Three: How To Build An OpenVPN
When it is finished, go to the root of your user name, and move the 4 download files to your local OpenVPN configurations folder, then your own OpenVPN is ready.
131
Chapter Three
Part Four: How To Set Up VPN
132
Chapter Three
Part Four: How To Set Up VPN
2. Your username, 3. Your password, 4. Your Shared Secret (for L2TP only). By the way, when the host name is blocked in your area, you can try to replace it with the IP address. And when you get an OpenVPN, you can run it with or without username and password after download.
On the option page, enter your host name or IP address, and then you can connect the VPN with your username and password. For the step-by-step tutorials of how to set up VPN in your computer and mobile phone, you can check out the links of StrongVPN as mentioned in the beginning of this post.
133
Chapter Four
Free SSH Services
Chapter Four
Free SSH Services
In my opinion, SSH (Secure Shell) is a proxy server indeed, but safer. While proxy can be taken as a carrier who helps delivery your message to another person, SSH will be like to put the message in a locked box before passing it to the carrier, and only you have to key. Although it is easy to build a SSH tunnel, which will cost some money, since you need a VPS, cloud computing or dedicated server to do that, like what you need to build a VPN.
134
Chapter Four
Part One: Free SSH Tunnels
1. Alidage
On the Alidage homepage, you can enter your email address, and press the Enter key, the you can get your free SSH tunnel account via email. The password will be changed every one hour, then you will need to enter your email address again to get the new one. 2. Onlybird
135
Chapter Four
Part One: Free SSH Tunnels
The Onlybird website offers 2 different free SSH tunnel accounts, which you can see directly by clicking on the above link. By the way, the password will be changed every 4 hours, and the server port is 9999, instead of the default 22. 3. BlueSSH
136
Chapter Four
Part One: Free SSH Tunnels
BlueSSH offers one free SSH tunnel account, which you can see on the free account page. The server port is 80 or 443, and the password will be changed every half an hour. 4. Usassh
137
Chapter Four
Part One: Free SSH Tunnels
Usassh offers 2 free SSH severs, but the one with 22 port was not available now. And the other one with port 80 or 443 will update its password every o'clock. While the above 4 websites are all Chinese, the following one is English: 5. Tor VPN
138
Chapter Four
Part One: Free SSH Tunnels
On the Tor VPN website, you can sign up the Trial account and get a free SSH tunnel for one month, with up to 1 GB traffic. By the way, besides SSH, you can also have a free OpenVPN account. Among the above 4 free SSH tunnels, Tor VPN is blocked in China, but the other 4 are not, have fun!
139
Chapter Four
Part Two: How To Create A SSH Tunnel
Supposing that you've had a VPS, which IP is 94.249.184.93, then you can open your Terminal application and enter the following command line: ssh -N -D 7070 root@94.249.184.93
Remember to replace "94.249.184.93" with the IP address of your own VPS, and press the "Return" key, then enter your VPS account password, if nothing appear as a result, your SSH tunnel will be built successfully. By the way, if you have created a VPN in your VPS, you can still use your VPS as a SSH tunnel. But the above way is only available for you to use the SSH tunnel yourself, unless you want to share your whole VPS account with others. And to share a SSH tunnel account only with others, you can create a new and limited user instead of "root" by referring to the following 4 steps: 1. Log in your VPS root Open a Terminal window, and enter the following command: SSH root@94.249.184.93
140
Chapter Four
Part Two: How To Create A SSH Tunnel
Remember to replace "94.249.184.93" with your own VPS IP. 2. Create a group Enter the following command: groupadd internetfreedom
You can replace "internetfreedom" with any name you like. 3. Create a limited user useradd -d /home/freenutsdotcom -m -g internetfreedom -s /bin/false freenutsdotcom
The above command will create a new SSH user "freenutsdotcom" in the "internetfreedom" group, and who can't log in your VPS. 4. Create a password for the new user Enter the following command: passwd freenutsdotcom
You can enter any password (such as "123456") for the new user. Now, you can share the username and password with your friends, who can then use your VPS SSH with the following command: ssh -N -D 7070 freenutsdotcom@94.249.184.93
141
Chapter Four
Part Two: How To Create A SSH Tunnel
Remember to replace "freenutsdotcom" with the new user, and "94.249.184.93" with your own VPS IP.
142
Chapter Four
Part Three: How To Connect To SSH Tunnel
By the way, when using SSH Tunnel Manager, you will need to "Enable SOCKS4 proxy" and set the port as "7070". Besides to use those softwares mentioned before, you can also open Terminal and connect to your SSH
143
Chapter Four
Part Three: How To Connect To SSH Tunnel
tunnel with the following one command line: SSH -N -D 7070 guest@s4.alidage.org
For Windows, you can install the "Putty" software to run the above command, and for Mac OS X, you can open the Terminal application and enter the above commend directly. And if you are not using Alidage's SSH tunnel, remember to replace "s4.alidage.org" with your SSH server, and replace "guest" with its username. And if the SSH tunnel is still available, then you can enter the password and connect to it successfully, as what you can see from the following image:
The above command line is for the default port 22, if your SSH server's port is 80 or something else, then you will need to add "-p 'port'" in the command line, such as: SSH -N -p 80 -D 7070 guest@s4.alidage.org
When the connection is successful, you can open your browser and set the SOCKS Proxy Sever IP address to 127.0.0.1 with port 7070. For Chrome browser, you can find the settings page via the following path: Preference > Show advanced settings > Network > Change Proxy Settings
144
Chapter Four
Part Three: How To Connect To SSH Tunnel
The above configuration will be also workable for Safari, and for Firefox, the configuration will be nearly the same, and you can find the proxy settings page via the following path: Preference > Advanced > Network > Settings
145
Chapter Five
The Differences Among Proxy, SSH And VPN
Chapter Five
The Differences Among Proxy, SSH And VPN
Although there are over one hundred of anti-censorship tools, most of which are Proxy, SSH and VPN. So, what are the differences among Proxy, SSH and VPN? Which one is the most safe? Let's take information transmission as a package, and comparing them with the following 3 metaphors: 1. Proxy
Proxy (or Proxy Server) can be taken as a carrier who helps delivery your package to another person. 2. SSH
146
Chapter Five
The Differences Among Proxy, SSH And VPN
As an encrypted tunnel, SSH?Secure Shell) can't bypass the internet censorship (such as GFW in China) itself, but only when integrating with Proxy servers. So, SSH here will be like to put the package into a locked box before passing it to the carrier, and only you have to key. 3. VPN
147
Chapter Five
The Differences Among Proxy, SSH And VPN
While both Proxy and SSH can be taken as carriers, who help delivery your package to another person, VPN (Virtual Private Network) will be like the person's office staff, who also helps you delivery your package to that person. Supposed that your colleague is more reliable than the carrier, and all of them are built in a same server, VPN is safer than SSH, and SSH is safer than Proxy. While Proxy and SSH only work for the application you assign to, and basically the browsers only, VPN will work for your entire device, whether browsers, email clients, app stores or any other applications connected to the internet. And you need to set the browser HTTP proxy addresses to use a Proxy or SSH service, but you don't need to do that with VPN services.
148
Chapter Six
How To Access Blocked Sites With Google Reader
Chapter Six
How To Access Blocked Sites With Google Reader
As you may know that Google Reader is available for you to subscribe to the RSS feeds of websites, but do you know that it is also a good way for you to bypass the internet censorship and access blocked sites? The following will show you how to get access to a blocked site with Google Reader in 2 steps: 1. Subscribe to the RSS feed If the blocked site offers a RSS feed, you can subscribe to it directly with Google Reader:
And if not, you can visit the Page2RSS website, enter the URL of the site to generate its RSS feed:
149
Chapter Six
How To Access Blocked Sites With Google Reader
After that, copy the URL of the RSS feed and subscribe to it in your Google Reader. 2. Enable the secure browsing For the RSS feed of a blocked site, you may fail to read it on Google Reader as default, such as what you can see from the following image:
To solve the problem, you can just add "https://" at the beginning of the URL, such as what you can see from the following image:
150
Chapter Six
How To Access Blocked Sites With Google Reader
Cool, right? By the way, Google Reader is only available for you to read the RSS feed of a blocked site, and if you want to leave a comment, to post a tweet, to share on Facebook or to do some other interactions, you can check out VPN, Proxy, SSH or some other free anti-censorship tools.
151
Chapter Seven
How To Access Blocked Sites With The Hosts File
Chapter Seven
How To Access Blocked Sites With The Hosts File
To unblocked a blocked site (such as Facebook), you can check out VPN, SSH, Proxy and some other free anti-censorship tools as mentioned before. In fact, you can even unblocked blocked sites without any third-party tools, but just by changing the hosts file on your own computer. The following will show you how to change the Hosts file and unblocked the Facebook site in 3 steps: Step 1. Find the IP addresses
For Facebook, Twitter, YouTube and some other big sites, each of them usually has more than one IP address, so, how to find out all the IP addresses of a site?
152
Chapter Seven
How To Access Blocked Sites With The Hosts File
You can visit the CacheCheck page of OpenDNS, enter the domain of the site (such as facebook.com), and click on the "Check this domain" button, then you can see the site's IP addresses from all over the world. Step 2. Find one unblocked IP
Among all the IP addresses of the site, some of them may be blocked in your area, while the others are not, so how to figure them out? The most easy way is to ping them on your computers. For Windows, you can open the Command Prompt (cmd.exe), and for Mac OS, you can open the Terminal application, then enter the following command: ping 66.220.152.16
The above "66.220.152.16" is one of Facebook's IP addresses, remember to change it to the one you are going to ping. If there is a "timeout" error in the result, then the IP address is blocked in your area, if not, then you are lucky to add it to the hosts file. Step 3. Edit the hosts file
153
Chapter Seven
How To Access Blocked Sites With The Hosts File
The hosts file is something like a DNS system, so we can locate the blocked site's domains to its unblocked IP addresses and then bypass the internet censorship. For Windows, you can find the hosts file in the following address: C:\WINDOWS\system32\drivers\etc
And for Mac OS, you can find and open the hosts file by entering the following command on the Terminal application: sudo vi /private/etc/hosts
When the hosts file is opened, you can add the blocked site's unblocked IP addresses with domains in the end of the file. Take Facebook for example, you can enter the following 2 lines: 66.220.152.16 facebook.com 66.220.152.16 www.facebook.com
154
Chapter Seven
How To Access Blocked Sites With The Hosts File
Besides, you can also add more sub-domains (such as developers.facebook.com) with their unblocked IP addresses if any. After that, save the hosts file, then you can visit the Facebook site directly without any anti-censorship tools, but, you need to use "HTTPS" instead of "HTTP" in the URL, which means that you need to visit the facebook via the following URL: https://facebook.com
or https://www.facebook.com
A piece of cake, right? But, if all the IP addresses of a site are blocked in your area (for example, all the Twitter IP addresses are blocked in China), you can't unblocked it by changing the hosts file.
155
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
IPv4 will be out of use soon, so we have IPv6 now, and which are used by Facebook, Google, Twitter and some other famous websites blocked in China. If your broadband supports IPv6 access, then you can visit those IPv6 sites directly, if not, you can do that indirectly with some third-party tools, such as gogoCLIENT. The following will show you how to access blocked sites via gogoCLIENT:
On the gogoCLIENT page, click on the "Sign Up" button, enter your email address or connect with Facebook, Google, Twitter or some other social network and create a gogo6 account.
2. Download gogoCLIENT
156
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
After registration, log in and open the gogoCLIENT page mentioned above again, then you can down the gogoCLIENT clients. Up till now, gogoCLIENT supports 32 bit and 64 bit Windows systems with both Basic Version and Home Access Version (= basic version + home access). Besides, gogoCLIENT also supports Linux/Unix/MacOS/BSD systems with source code, which need to be installed via the MAKE command, and you can check out the Guide (PDF) file for more details. The following will show you how to use the basic version on Windows.
3. Connect gogoCLIENT
157
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
After installation, run the gogoCLIENT Utility client, and click on the "Connect" button, if the connection is successful, then you can get access to the blocked sites with IPv6 addresses via any of the following 3 ways: 3.1 Via suffix
158
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
In the end of the domain of any IPv6 supported site, add the following suffix: .sixxs.org
Take Twitter for example, you can visit its website via the following URL: http://twitter.com.sixxs.org
159
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
Ago, you could open the network connection settings page, select the "Automatic proxy configuration URL" option, and enter the following URL: http://gfw-proxy.co.cc/proxy.pac
Then you were able to access the blocked sites with IPv6 supported. But now, the above PAC (Proxy auto-config) file is not workable any more, and I haven't found any alternatives yet. 3.3 Via Hosts
160
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
As mentioned before, you can unblock those blocked sites by adding their IPv4 addresses into the hosts file, now with gogoCLIENT, you can also add their IPv6 addresses. On Windows, you can find the hosts file in the following address: C:\WINDOWS\system32\drivers\etc
On Max OS X, you can find and open the hosts file by entering the following command line on the Terminal application: sudo vi /private/etc/hosts
After that, visit this ipv6-hosts (Chinese) page, copy the IPv6 addresses as well as their domains of Google, YouTube, Twitter and/or some other sites listed, and paste them into the hosts file, then you can unblocked those sites. For those blocked sites which are not listed, you can find if they have any IPv6 addresses via the IPv6 Test
161
Chapter Eight
How To Access Blocked Sites Via gogoCLIENT
web app.
162
Chapter Nine
How To Check If A Site Is Blocked
Chapter Nine
How To Check If A Site Is Blocked
When you can visit site A, but not site B on a same browser with a same device at a same time, then site B must be down or blocked in your area. So, how to tell if a site is blocked or not? You can check out the following 3 ways: 1. To visit it with anti-censorship tools, 2. To ping it with command lines, 3. To test it with third-party apps. And to check out if a site is blocked in China, you can use the WebSitePulse service, which will tell you if a site is blocked in Shanghai, Beijing, Guangzhou or Hong Kong.
163
Chapter Nine
Part One: Check If A Site Is Blocked With Anti-censorship Tools
Enter the URL of the site you want to test into the address bar of your Chrome, IE, Firefox or any other browser, If you can open it with VPN, SSH, Proxy or any other anti-censorship tools, but can't without any of them, then the site must be blocked in your area. And if not, then the site must be down.
164
Chapter Nine
Part Two: Check If A Site Is Blocked By Pinging It
For Windows, you can open the Command Prompt (cmd.exe), and for Mac OS, you can open the Terminal application, then enter the following command: ping twitter.com
Remember to change the above "twitter.com" to the site you are going to ping. If there are all "timeout" errors in the result, then the site is blocked in your area or its server is down, so how to figure it out? You can run a VPN and ping the site again, if there are no or few errors, the site is blocked, and if there are still all "timeout" errors, then the site is down.
165
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
1. Just Ping
The Just Ping website will ping the domain you enter from 50 locations around the world, unless there is no "Okey" in the result, your site is blocked in that location where the result is "Packets lost (100%)". But the results are different every time I checked, so that you'd better check more than one time.
2. Watch Mouse
166
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
Watch Mouse can ping your site from 30 stations worldwide, and tell you if the site is down or blocked in the same way as Just Ping does.
3. HostTracker
167
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
The HostTracker website is down now, but during yesterday's test, it can check any site you enter from tens of different locations around the world. While the above 3 websites will show you from where they check your site, the following 7 won't, but their results are also correct during my test:
On the Down For Everyone Or Just Me website, enter any domain you want to check, then you can see if the domain's site is down for everyone or just you.
5. IsUp.Me
168
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
IsUp.Me is another version of Down For Everyone Or Just Me, everything are same, except the domain.
6. Down Or Not
Enter a site's domain, press the Return key, then Down Or Not will show you if the site is down or not. And you can also pick up a site listed to check if it is down or blocked.
7. Down Or Is It Just Me
169
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
On the Down Or Is It Just Me website, you can see if a site is really down or not by entering its domain.
8. Checksite.Us
Enter the domain of the site you want to check, then Checksite.Us will show you if they can access the site.
9. Up Or Down
170
Chapter Nine
Part Three: Top 10 Websites For You To Check If A Site Is Blocked
The design of the Up Or Down website is simple, you enter a site, then it will show you if it is up or down.
10. DOJ.me
As the name, DOJ.me (short for Down Or Just Me) will show you if the site you want to check is down or not. If a site is up according to the above 10 websites, but you can't visit it, then the site is blocked in your area.
171
Chapter Nine
Part Four: Check If A Site Is Blocked In China With WebSitePulse
With the test tool, you can enter your site's domain, choose one of the supported Chinese locations as mentioned before, select Seattle (USA), Munich (Germany) or Brisbane (Australia) as a foreign test location, and click the "Perform Test" button, then you can get the result page, such as what you can see from the following screenshot:
172
Chapter Nine
Part Four: Check If A Site Is Blocked In China With WebSitePulse
On the result page, if there is a red "Failed" message on the left and a green "OK" on the right, then your site is blocked in the Chinese location you choose; and if there is no red message, then your site is not blocked in that location.
173
Chapter Ten
Appendix
Chapter Ten
Appendix
Whether Proxy, SSH, VPN or any other free tools mentioned in this book, their natures are to connect to the internet indirectly, anonymously and safely. But when there is internet censorship (especially GFW in China) , connection is the first considerate factor rather than security, just like what a poet said, Liberty, love! These two I need. For my love I will sacrifice life, for liberty I will sacrifice my love. What is more, the connection is still indirect, anonymous and safe when anti-censorship.
174
Chapter Ten
Part One: Top 10 Websites Blocked in China
1. Facebook
2. Twitter
175
Chapter Ten
Part One: Top 10 Websites Blocked in China
3. YouTube
4. Blogger
5. Technorati
176
Chapter Ten
Part One: Top 10 Websites Blocked in China
6. Dailymotion
7. Picasa
177
Chapter Ten
Part One: Top 10 Websites Blocked in China
8. Plurk
9. Hellotxt
178
Chapter Ten
Part One: Top 10 Websites Blocked in China
10. Dropbox
What do you feel like when seeing the above 10 images? I feel mad and unhappy, since there is something that prevents me to access the most popular websites in the world, and I have no idea why those websites are blocked, since our governments never say why they blocked them.
179
Chapter Ten
Part Two: Countries That Block Facebook
180
Subsequent
This Book Is Free
Subsequent
This Book Is Free
Most contents of this book are from my FreeNuts.com blog, which focus on interesting and free web apps. As all those anti-censorship tools mentioned in this book, this book is and will be always free, you can read it on this blog or download it on the FreeNuts.com site.
181
Powered by TCPDF (www.tcpdf.org)